Benjamin Dauvergne
9d8528968c
views: add a VERIFY_SSL_CERTIFICATE setting
...
It controls the validation of certificates by requests on artifact
resolve requests. It's a global and by idp setting.
Also improve logs in errors paths around when calling the artifact
resolver.
fixes #7521
2015-06-10 15:07:59 +02:00
Frédéric Péters
8dc0fd969a
add support for artifact GET protocol binding ( #7267 )
2015-05-18 18:09:15 +02:00
Benjamin Dauvergne
4b71bbca3a
views: in sso_failure() the call to self.get_id() could never work, replace by utils.get_idp()
...
In SSO response treatment we do not know anymore the requested IdP from the query string
we must look in the LassoLogin object.
fixes #7271
2015-05-18 16:16:27 +02:00
Benjamin Dauvergne
6dab31ace8
views: fix setting of isPassive and forceAuthn ( fixes #7100 )
2015-05-18 11:01:40 +02:00
Serghei Mihai
5dcde8614e
login view refactored ( #6801 )
...
Authentication logic split into another, overridable, method
2015-03-24 09:40:25 +01:00
Frédéric Péters
adb72da954
set login.msgRelayState to the value from POST ( #6384 )
2015-03-09 12:59:01 +01:00
Benjamin Dauvergne
9525e29b03
Always use adapters to get to IdP settings
2015-02-13 18:10:51 +01:00
4f0f50f816
mellon/views.py: store and load the liberty session dump for slo
2015-02-05 18:26:29 +01:00
Benjamin Dauvergne
b0f5c49893
Always set the issuer attribtute to the AuthnResponse issuer
2014-12-09 10:30:32 +01:00
Benjamin Dauvergne
96a51c4952
Use IdP entity id for default name qualifier and SP entity id for default sp name qualifier
2014-12-09 00:33:40 +01:00
Benjamin Dauvergne
94cfed8a8e
If name qualifier are missing use the implicit IdP or SP name qualifiers
2014-12-07 20:55:52 +01:00
Benjamin Dauvergne
ff548d020d
Force unicode on NameID qualifiers to enforce them being ASCII
2014-11-24 10:35:39 +01:00
Benjamin Dauvergne
15d420f728
Improve logging in views
2014-11-24 10:35:01 +01:00
Benjamin Dauvergne
9a2caa3a6a
Set AllowCreate flag on emitted AuthnRequest
2014-11-17 17:35:36 +01:00
Benjamin Dauvergne
84b616fe22
Fix extraction of the assertion's issuer
2014-09-05 15:05:34 +02:00
Benjamin Dauvergne
e5e9dcf86a
rename get_parameter() to get_setting()
2014-09-03 09:12:01 +02:00
Benjamin Dauvergne
9f587f1cc2
views: do not assume a nameIdentifier is available
...
Only populate NameID keys if a NameID was stored in
login.nameIdentifier.
2014-09-03 09:12:01 +02:00
Benjamin Dauvergne
b90059feef
views: delete dead imports
2014-09-03 09:12:01 +02:00
Benjamin Dauvergne
bcb055263b
improve handling of authentication errors
...
All errors are logged as warnings, status message and status codes are
logged, and if DEBUG is True, shown to the user.
2014-05-28 20:19:54 +02:00
Benjamin Dauvergne
ca4cad75a6
views: formatting
2014-05-02 17:18:53 +02:00
Benjamin Dauvergne
371d6bc941
views: apply django.shortcuts.resolve_url() to all use of settings.LOGIN_REDIRECT_URL
2014-05-02 17:18:39 +02:00
Benjamin Dauvergne
0e3b0272f0
views,utils: keep the NameQualifier and SPNameQualifier attribut of NameID as they could be mandatory for some IdPs
2014-05-02 16:01:47 +02:00
Benjamin Dauvergne
cf7da749cb
views: fix processing of logout responses
2014-05-02 16:01:47 +02:00
Benjamin Dauvergne
d2feb75bb6
views: always do the local logout
2014-05-02 16:01:47 +02:00
Benjamin Dauvergne
6b8dcc5e78
views: improve display of authentication failures
2014-05-02 16:01:47 +02:00
Benjamin Dauvergne
565d7a07f2
add logout support
2014-05-02 11:48:05 +02:00
Benjamin Dauvergne
a1646489e2
first commit
2014-04-30 14:34:39 +02:00
Benjamin Dauvergne
Frédéric Péters
Serghei Mihai
Jérôme Schneider